EP2137665A1 - Authentication method and token using screen light for both communication and powering - Google Patents
Authentication method and token using screen light for both communication and poweringInfo
- Publication number
- EP2137665A1 EP2137665A1 EP07856597A EP07856597A EP2137665A1 EP 2137665 A1 EP2137665 A1 EP 2137665A1 EP 07856597 A EP07856597 A EP 07856597A EP 07856597 A EP07856597 A EP 07856597A EP 2137665 A1 EP2137665 A1 EP 2137665A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- token
- solar cells
- server
- array
- otp
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Definitions
- the present invention describes a method and an apparatus to authenticate a user's identity, for gaining access to sensitive data and-or applications in a secure way, but without the need to insert the device into readers of any sort.
- Typical applications would for example be: internet remote shopping, remote home-banking and financial transactions, access to virtual private networks (VPNs), etc.
- VPNs virtual private networks
- the apparatus would be integrated into a conventional credit card, as to enhance security while using said credit card for payment authorisation.
- Several devices known as authentication tokens, are commercially available which already feature similar functions, although obtained by other means.
- RSA Security Inc. and TRI-D Systems Inc. offer authentication tokens which generate One Time Passwords (OTPs), typically displayed on a Liquid Crystal Display (LCD), for authenticating a user identity when the user initiates a session to connect to a secure server from a client application.
- OTPs One Time Passwords
- LCD Liquid Crystal Display
- Existing authentication tokens generate OTPs in various way.
- a very common way herewith called “Current Time Encryption”, consists in encrypting the token's clock 64-bit standard ISO representation of Current Time, by means of a token specific true Random Seed and a token specific Salt (practically a serial number), both known also to the secure server the client is trying to gain access to, to then generate a OTP every about 60 seconds (an example is the SecurlD® token from RSA Security Inc.).
- a token specific true Random Seed and a token specific Salt (practically a serial number)
- OTP every about 60 seconds
- the user identity is then verified at the secure server side.
- the server would then include procedures to correct for token's clocks running slower or faster than its own Current Time clock.
- Challenge Code Encryption Another known way, herewith called “Challenge Code Encryption” would make use of a keypad on the authentication token itself, and by means of which a user can enter a one time Challenge Code sent by the server and displayed, for example, on the login page of the service the user is trying to gain access to.
- the token then encrypts said Challenge Code with a token specific true “Random Seed” and a token specific Salt, both also known to the secure server that the client is trying to gain access to, displaying then the resulting OTP on the LCD.
- the user identity is then verified at the secure server side.
- yet another method would get away with the need for encryption algorithms at the token's side by simply storing in the token's EEPROM a lookup table containing several random OTPs, known only to the server and the token itself. At each login the server would then ask for the OTP stored at location x, which the token will then readily display.
- the method and device disclosed by this patent can be used to implement "Current Time Encryption” and-or “Challenge Code Encryption” and-or “OTPs Table” types of authentication, whatever the choice of the detailed encryption algorithm.
- a typical embodiment would consist in a credit card size token, featuring on one side an array of solar cells (for example of the photovoltaic type), and on the other side a display device (ideally, of a thin and flexible type).
- the server displays a Challenge Code (or Current Time for the "Current Time Encryption” method), encoded in a sequence of bright and dark rectangles, which are then shown in an area of the screen approximately the size of a credit card.
- Dl Portable Acess Device
- Bloomberg LP February 13, 2004, discloses (Fig. 6) a portable access device capable of reading, by means of photosensors, modulated light signals from a computer monitor.
- D2 Small Cell Powered Smart Card with Integrated Display and Interface Keypad
- Motorola Inc. July 7, 1998
- a smart card including a MPU, a display, a keypad, an interface for signals exchange with an external system, and photovoltaic cells for providing power.
- D4 IC Card Having Energy Input and Data Exchange Elements on Opposite Sides Thereof, T. Anegawa, December 18, 1990, discloses an IC Card featuring one main surface with solar cells to generate power, and the other main surface with semiconductor photo-elements for contactless data exchange with an external reader.
- the device described in Dl although capable of decoding light modulated signals conveyed by images displayed on a PC monitor, it does so thanks to photosensors, still requiring the use of a battery for powering the signal conditioning and processing electronics.
- D3, D4, and D5 all describe cards whereby optical means are used for both supplying energy to the card's circuitry, as well as for establishing data communication paths. However, for card interrogation and-or data exchange, they all require the card to be inserted in a suitable card reader specific to that particular type of card.
- the present invention instead, obtains similar capabilities by introducing a novel way to interrogate the authentication card, whereby the card is laid against an image on a computer screen, or other type of terminal, and whose light output is used both to supply energy to the card's internal circuitry, as well as to encode server's requests.
- a very convenient way to generate said sequence of images would consist in merging into a standard GIF animation a sequence of white rectangles suitably interleaved with black rectangles, but other equally effective methods can easily be imagined by the skilled in the art.
- the home banking service would ask for Alice's User ID, which Alice would enter to gain access to a login page of the kind shown in Figure Ia.
- an area of approximately the size of a credit card displays a rapid sequence of bright images interleaved by dark ones, in a suitable way to encode the "Current Time” as broadcasted by the server (typically, with updates about every minute), or to encode a suitably generated one-time "Challenge Code", that could also be periodically updated and broadcasted to all users, or could otherwise be specific to each user (depending on the details of the specific encryption algorithm utilised).
- an array of solar cells convert the image's light output in electric energy, while intensity variations in said light are of sufficient amplitude as to allow simple and reliable decoding of the server's request, as shown in the oscilloscope recording inserted at the bottom of Figure Ia (example obtained by recording the voltage output of a string of 4 cells of the type used in solar powered calculators, terminated on a suitable load)
- the solar cells output is also used to recharge an energy storage element, such as for example the capacitor drawn in figure Ia, by means of suitable energy conditioning circuitry (schematically represented as a diode in figure Ia).
- a Micro Processor Unit, MPU can then draw its supply from said energy storage element, while a suitable DECODE interface circuitry, and associated software, allows decoding of the code embedded in the sequence of images.
- the MPU has now all the data needed for computing the OTP, which is then shown on the token's display device.
- the energy conditioning circuitry might indeed simply consist in a low drop Schottky rectifier, but more efficient and advanced solutions exist, and which are commonly known to the skilled in the art: MOSFET transistors driven as synchronous rectifiers, micropower switching mode boost converters capable to keep charging the energy storage element even at Vmin solar cells output, and all other obviously applicable solutions.
- Suitable solar cells are commercially available, which are very thin and flexible, ideal characteristics for being integrated in credit card type of tokens.
- Computer screens and monitors can easily produce images with brightness in excess of 200 cd/m , so that less than about 10 cm of total solar cells array area would typically generate sufficient energy.
- the skilled in the art can then figure out how to best connect the required number of solar cells, in conventional series and-or parallel configurations.
- Concerning the display device several different technologies are nowadays available which allow the manufacturing of very thin and flexible displays.
- a suitable micropower MPU would normally consume few tens of ⁇ W, requiring peaks of a couple of mW, lasting a couple of msec, only during EEPROM locations writing.
- Such peaks of energy demand can easily be buffered by a capacitor(s) totalling few ⁇ F, and which a suitable array of solar cells can recharge in less than one second of typical white screen light illumination.
- the MPU would verify the amount of energy available (by monitoring the voltage across the storage capacitor) before starting any peak energy demanding task.
- the skilled in the art can therefore imagine several possible coding schemes producing a worst case total light output such as to always guarantee sufficient energy storage, while ensuring at the same time reliable and easy decoding.
- each coding sequence of bright and dark images could be repeated several times, or continuously, as to allow the MPU to verify multiple times the correct reading of the server's requests, while at the same time generating enough energy for the MPU needs.
- the dark image does not need to be pure black, but a best trade-off can be found by means of which: - colour and brightness of the bright image are selected to match, as far as possible, the solar cell(s) spectral response, as to guarantee that energy output is maximised, even under worst case conditions.
- the dark image too could be optimised for colour and relative brightness (with respect to the bright image), as to guarantee reliable decoding while maximizing the total solar cell(s) energy output.
- the modulations in brightness are detected by a separate photo sensing element, as to allow more flexibility in the detailed design of the coding scheme and of the circuitry for its decoding.
- a very convenient way to realise said photo sensing element could for example consist in reserving a fraction of the total area of the solar cells array as to obtain a very small cell dedicated to this purpose.
- a second constantly bright area could be placed just next to the screen area already displaying the sequence of images coding the server's requests. Some kind of reference lines and-or symbols drawn on the token would then help the user to correctly place it, for example by positioning said reference lines and-or symbols as to match the edge between said screen areas, as shown in figure 2A.
- figure 2B schematically illustrates a token featuring two photo sensing elements, each facing different portions of the screen, both of varying brightness, allowing more complex coding schemes to be implemented, such as for example:
- one of the sensors could be used to convey a conventional CLOCK signal, to help in properly timing the sampling of the output signal of the other sensor, allowing hence to spare those time intervals, such as train of pulses and the like, usually required for periodic synchronisation by most serial communication protocols .
- Another possible approach could consist in encoding the server's request into variations of the relative brightness between different screen portions and of varying brightness, so that by suitably subdividing into multiple discrete levels the analogue value of said relative brightness the overall data rate could be increased significantly.
- a very convenient way to realise photo sensing elements sensitive to defined portions of the coding image emission spectrum could for example consist in reserving a fraction of the total area of the solar cells array as to obtain a number of small cells dedicated to this purpose. Each cell would then be covered by an optical filter (in practice a coloured film of transparent plastic material) tuned to that particular portion of the emission spectrum.
- the token specific Random Seed and Salt could be programmed into the MPU at the manufacturing stage, or also later on by using a similar method as used for reading server's requests from the screen, but carried out on a secure terminal (for example a workstation at a secure location), before delivery of the token to the customer.
- a secure terminal for example a workstation at a secure location
- Such programming terminals could be chosen of a particularly bright type, so that the higher rate of energy generated by the solar cells would allow to considerably speed up the programming time required for each token.
- the programming could take place also by means of the already present electrical contacts.
- the last recorded date and time value could also be displayed each time sufficient light illuminates the array of solar cells. If the recording, in the MPU EEPROM, of the last decoded "Current Time” value is allowed only when said value corresponds to a more recent time with respect to the one currently stored, then the user could easily verify: whether token has been used, without the user knowing - whether the token was temporarily removed, without the user knowing, by somebody who then exposed it to sequences of images encoding for future values of the "Current Time, as to later be able to use, at said dates and times, the "stolen” OTPs.
- the corresponding EEPROM location can be deleted, and a counter updated, so that various ways can now be imagined for providing visual feedback to the user on whether somebody has temporarily taken possession of the token, without him knowing, and tried to "steal" the OTPs (or only some of them), by presenting to the token coded images consecutively asking for the stored OTPs.
- the inventive step of this invention shall be understood as independent from a particular choice for the encryption algorithm, or coding scheme for the sequence of images, or visual feedback method, rather it consists in the idea of using the light output from the screen displaying the relevant login page, to convey both the server's requests and the energy needed to supply the token.
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IT000453A ITMI20070453A1 (en) | 2007-03-07 | 2007-03-07 | METHOD AND DEVICE FOR AUTHENTICATION OF THE IDENTITY IN WHICH IT IS POSSIBLE TO GENERATE ACESS CODES BY USING THROUGH THE DECODING OF IMAGES WHERE THE LIGHT IS ALSO USED FOR THE SUPPLY OF THE SAME DEVICE |
PCT/EP2007/010849 WO2008107008A1 (en) | 2007-03-07 | 2007-12-12 | Authentication method and token using screen light for both communication and powering |
Publications (2)
Publication Number | Publication Date |
---|---|
EP2137665A1 true EP2137665A1 (en) | 2009-12-30 |
EP2137665B1 EP2137665B1 (en) | 2013-03-20 |
Family
ID=39226598
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP07856597A Active EP2137665B1 (en) | 2007-03-07 | 2007-12-12 | Authentication method and token using screen light for both communication and powering |
Country Status (4)
Country | Link |
---|---|
US (1) | US20100088754A1 (en) |
EP (1) | EP2137665B1 (en) |
IT (1) | ITMI20070453A1 (en) |
WO (1) | WO2008107008A1 (en) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8024576B2 (en) * | 2008-03-31 | 2011-09-20 | International Business Machines Corporation | Method and system for authenticating users with a one time password using an image reader |
US20100083000A1 (en) * | 2008-09-16 | 2010-04-01 | Validity Sensors, Inc. | Fingerprint Sensor Device and System with Verification Token and Methods of Using |
US8799666B2 (en) * | 2009-10-06 | 2014-08-05 | Synaptics Incorporated | Secure user authentication using biometric information |
WO2011108004A1 (en) * | 2010-03-02 | 2011-09-09 | Eko India Financial Services Pvt. Ltd. | Authentication method and device |
FR2957216B1 (en) * | 2010-03-03 | 2016-06-17 | Avencis | REMOTE STRONG AUTHENTICATION METHOD, AND INITIALIZATION METHOD, DEVICE AND ASSOCIATED SYSTEMS |
EP2700044B1 (en) | 2011-04-18 | 2019-01-02 | C-Sigma S.r.l. | Authentication device with photosensitive input keys |
US9165295B2 (en) * | 2011-05-09 | 2015-10-20 | Moon J. Kim | Automated card information exchange pursuant to a commercial transaction |
JP2013020609A (en) * | 2011-06-13 | 2013-01-31 | Kazunori Fujisawa | Authentication system |
US9628875B1 (en) | 2011-06-14 | 2017-04-18 | Amazon Technologies, Inc. | Provisioning a device to be an authentication device |
US9639825B1 (en) * | 2011-06-14 | 2017-05-02 | Amazon Technologies, Inc. | Securing multifactor authentication |
US8490872B2 (en) | 2011-06-15 | 2013-07-23 | Moon J. Kim | Light-powered smart card for on-line transaction processing |
US9230087B2 (en) * | 2011-12-19 | 2016-01-05 | Henry Oksman | Optical filter security |
DE102012101876A1 (en) * | 2012-03-06 | 2013-09-12 | Wincor Nixdorf International Gmbh | PC hedge by BIOS / (U) EFI extensions |
TWM435771U (en) * | 2012-04-27 | 2012-08-11 | Giga Solar Materials Corp | Card type solar charger |
US9594888B1 (en) * | 2012-06-25 | 2017-03-14 | EMC IP Holding Company LLC | User authentication device |
US9305153B1 (en) * | 2012-06-29 | 2016-04-05 | Emc Corporation | User authentication |
US9589399B2 (en) | 2012-07-02 | 2017-03-07 | Synaptics Incorporated | Credential quality assessment engine systems and methods |
WO2014051518A1 (en) * | 2012-09-25 | 2014-04-03 | Temasek Polytechnic | Security film for revealing a passcode |
EP2988240A1 (en) * | 2014-08-22 | 2016-02-24 | Cerovic Dorde | Electronic transmitter and receiver with sealed data transfer that is closed to outside world |
Family Cites Families (54)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB1285445A (en) * | 1968-08-30 | 1972-08-16 | Smiths Industries Ltd | Improvements in or relating to access-control equipment and item-dispensing systems including such equipment |
GB1285444A (en) * | 1968-08-30 | 1972-08-16 | Smiths Industries Ltd | Improvements in or relating to access-control equipment and item-dispensing systems including such equipment |
GB1429467A (en) * | 1972-02-28 | 1976-03-24 | Chubb Integrated Systems Ltd | Access- or transactioncontrol equipment |
FR2304965A2 (en) * | 1974-03-25 | 1976-10-15 | Innovation Ste Int | ELECTRONIC CONTROL PROCESS AND DEVICE |
US3971916A (en) | 1974-03-25 | 1976-07-27 | Societe Internationale | Methods of data storage and data storage systems |
GB2115996B (en) * | 1981-11-02 | 1985-03-20 | Kramer Kane N | Portable data processing and storage system |
US4819267A (en) * | 1984-02-22 | 1989-04-04 | Thumbscan, Inc. | Solid state key for controlling access to computer systems and to computer software and/or for secure communications |
US4575621A (en) * | 1984-03-07 | 1986-03-11 | Corpra Research, Inc. | Portable electronic transaction device and system therefor |
EP0165386B1 (en) * | 1984-04-26 | 1989-11-29 | Heidelberger Druckmaschinen Aktiengesellschaft | Method and storage system for the storage of control data for press actuators |
US4614861A (en) * | 1984-11-15 | 1986-09-30 | Intellicard International, Inc. | Unitary, self-contained card verification and validation system and method |
US4634845A (en) * | 1984-12-24 | 1987-01-06 | Ncr Corporation | Portable personal terminal for use in a system for handling transactions |
EP0241219B1 (en) * | 1986-04-08 | 1993-01-13 | Seiko Instruments Inc. | Electronic timepiece |
JPS63120391A (en) * | 1986-11-10 | 1988-05-24 | Hitachi Ltd | Ic card |
JPS63185686A (en) * | 1987-01-28 | 1988-08-01 | 株式会社東芝 | Ic card |
US4967895A (en) * | 1987-04-16 | 1990-11-06 | Pom, Incorporated | Parameter control system for electronic parking meter |
US4959603A (en) * | 1987-10-27 | 1990-09-25 | Osaka Titanium Co., Ltd. | Solar battery equipment |
US4916296A (en) | 1987-10-29 | 1990-04-10 | Jerry R. Iggulden | Light modulating smart card |
US5136644A (en) * | 1988-04-21 | 1992-08-04 | Telecash | Portable electronic device for use in conjunction with a screen |
ES2072271T3 (en) * | 1989-03-17 | 1995-07-16 | Siemens Ag | AUTARCHIC COMPONENT OPERATED WITH PHOTONS. |
GB2278085B (en) * | 1993-05-21 | 1997-06-04 | Motorola Inc | Signal coupler |
US5432851A (en) * | 1993-10-21 | 1995-07-11 | Tecsec Incorporated | Personal computer access control system |
US5782552A (en) * | 1995-07-26 | 1998-07-21 | Green; David R. | Light assembly |
US5777903A (en) | 1996-01-22 | 1998-07-07 | Motorola, Inc. | Solar cell powered smart card with integrated display and interface keypad |
US5896215A (en) * | 1996-03-07 | 1999-04-20 | Cecil; Kenneth B. | Multi-channel system with multiple information sources |
US7334735B1 (en) * | 1998-10-02 | 2008-02-26 | Beepcard Ltd. | Card for interaction with a computer |
US7296282B1 (en) * | 1999-01-22 | 2007-11-13 | Koplar Interactive Systems International Llc | Interactive optical cards and other hand-held devices with increased connectivity |
WO2000048064A1 (en) * | 1999-02-10 | 2000-08-17 | Vasco Data Security, Inc. | Security access and authentication token with private key transport functionality |
US6340116B1 (en) * | 1999-09-16 | 2002-01-22 | Kenneth B. Cecil | Proximity card with incorporated pin code protection |
ES1046214Y (en) * | 2000-02-11 | 2001-05-16 | Todoli Joaquin Peiro | INTERNAL HELMET PROTECTOR. |
US7099590B2 (en) * | 2000-08-25 | 2006-08-29 | R&Dm Foundation | Filtering technique for free space interconnects |
US7025277B2 (en) * | 2000-09-25 | 2006-04-11 | The Trustees Of Princeton University | Smart card composed of organic processing elements |
US20060269061A1 (en) * | 2001-01-11 | 2006-11-30 | Cardinalcommerce Corporation | Mobile device and method for dispensing authentication codes |
US7606771B2 (en) * | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
IL141389A0 (en) * | 2001-02-12 | 2002-03-10 | Weiss Golan | A system and a method for person's identity authentication |
IL141441A0 (en) * | 2001-02-15 | 2002-03-10 | Aharonson Dov | Smart card having an optical communication circuit and a method for use thereof |
US20040177045A1 (en) * | 2001-04-17 | 2004-09-09 | Brown Kerry Dennis | Three-legacy mode payment card with parametric authentication and data input elements |
DE60101997T2 (en) * | 2001-05-03 | 2004-12-09 | Berner Fachhochschule Hochschule für Technik und Architektur Biel-Bienne, Biel | Security device for online transactions |
US20020149822A1 (en) * | 2001-08-10 | 2002-10-17 | Stroud Eric M. | Optical commuincation system for a portable computing device and method of use |
US20050212657A1 (en) * | 2001-11-07 | 2005-09-29 | Rudy Simon | Identity verification system with self-authenticating card |
US20040159700A1 (en) * | 2001-12-26 | 2004-08-19 | Vivotech, Inc. | Method and apparatus for secure import of information into data aggregation program hosted by personal trusted device |
US7543156B2 (en) * | 2002-06-25 | 2009-06-02 | Resilent, Llc | Transaction authentication card |
CZ2005209A3 (en) * | 2002-09-10 | 2005-12-14 | Ivi Smart Technologies, Inc. | Safe biometric verification of identity |
US7681232B2 (en) * | 2004-03-08 | 2010-03-16 | Cardlab Aps | Credit card and a secured data activation system |
US7580898B2 (en) * | 2004-03-15 | 2009-08-25 | Qsecure, Inc. | Financial transactions with dynamic personal account numbers |
US7359647B1 (en) * | 2004-04-06 | 2008-04-15 | Nortel Networks, Ltd. | Method and apparatus for transmitting and receiving power over optical fiber |
DE102004046503B4 (en) * | 2004-09-23 | 2009-04-09 | Eads Deutschland Gmbh | Indirect optical free-space communication system for broadband transmission of high-rate data in the passenger compartment of an aircraft |
EP1713227B1 (en) * | 2005-04-11 | 2009-06-17 | AXSionics AG | System and Method for providing user's security when setting-up a connection over insecure networks |
US8700910B2 (en) * | 2005-05-31 | 2014-04-15 | Semiconductor Energy Laboratory Co., Ltd. | Communication system and authentication card |
EP1788509A1 (en) * | 2005-11-22 | 2007-05-23 | Berner Fachhochschule, Hochschule für Technik und Architektur | Method to transmit a coded information and device therefore |
US20080067247A1 (en) * | 2006-09-15 | 2008-03-20 | Mcgregor Travis M | Biometric authentication card and method of fabrication thereof |
WO2008079491A2 (en) * | 2006-10-20 | 2008-07-03 | Electronic Plastics, Llc | Decentralized secure transaction system |
US20090187507A1 (en) * | 2006-12-20 | 2009-07-23 | Brown Kerry D | Secure financial transaction network |
US20080201264A1 (en) * | 2007-02-17 | 2008-08-21 | Brown Kerry D | Payment card financial transaction authenticator |
US8736587B2 (en) * | 2008-07-10 | 2014-05-27 | Semiconductor Energy Laboratory Co., Ltd. | Semiconductor device |
-
2007
- 2007-03-07 IT IT000453A patent/ITMI20070453A1/en unknown
- 2007-12-12 WO PCT/EP2007/010849 patent/WO2008107008A1/en active Application Filing
- 2007-12-12 US US12/529,921 patent/US20100088754A1/en not_active Abandoned
- 2007-12-12 EP EP07856597A patent/EP2137665B1/en active Active
Non-Patent Citations (1)
Title |
---|
See references of WO2008107008A1 * |
Also Published As
Publication number | Publication date |
---|---|
EP2137665B1 (en) | 2013-03-20 |
ITMI20070453A1 (en) | 2008-09-08 |
WO2008107008A1 (en) | 2008-09-12 |
US20100088754A1 (en) | 2010-04-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2137665B1 (en) | Authentication method and token using screen light for both communication and powering | |
EP1857953B1 (en) | Method and system for authentication and secure exchange of data between a personalised chip and a dedicated server | |
US9489670B2 (en) | Hybrid wireless short range payment system and method | |
KR101259925B1 (en) | One-time password credit/debit card | |
CA2702013C (en) | Contactless biometric authentication system and authentication method | |
US8335926B2 (en) | Computer system and biometric authentication apparatus for use in a computer system | |
US20060107067A1 (en) | Identification card with bio-sensor and user authentication method | |
US20210034834A1 (en) | Device With Biometric-Gated Display | |
CN102567686A (en) | Security authentication method of application software of mobile terminal based on human body stable characteristics | |
CN105093911B (en) | A kind of intelligent watch | |
CN109840578A (en) | A kind of electronic equipment | |
CN109842491A (en) | A kind of electronic equipment | |
CN104156855A (en) | Payment method and system | |
CN1614620A (en) | Portable card readers and method thereof | |
EP3110190B1 (en) | Method and device for managing contactless applications | |
CN210864778U (en) | All-in-one based on eID authentication and living body collection | |
RU132230U1 (en) | TERMINAL FOR A BIOMETRIC IDENTIFICATION CARD | |
CN111967870A (en) | Label, terminal and mobile device with transaction function | |
US20210034726A1 (en) | Device With Biometric-Gated Display | |
CN100354872C (en) | Credentials information identifying system | |
CN203812254U (en) | Self-service processing device for special-shaped chip card | |
EP2795830A1 (en) | Method of encrypted data exchange between a terminal and a machine | |
JP3694197B2 (en) | Authentication terminal and authentication system | |
US11533180B1 (en) | Storage device and electronic device | |
KR20170055946A (en) | Card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20091005 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: C-SIGMA S.R.L. |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: KOROTEK S.R.L. Owner name: C-SIGMA S.R.L. |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20111025 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R079 Ref document number: 602007029247 Country of ref document: DE Free format text: PREVIOUS MAIN CLASS: G06F0021200000 Ipc: G06F0021350000 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06F 21/44 20130101ALI20130207BHEP Ipc: G06F 21/35 20130101AFI20130207BHEP |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: REF Ref document number: 602465 Country of ref document: AT Kind code of ref document: T Effective date: 20130415 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 602007029247 Country of ref document: DE Effective date: 20130508 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130701 Ref country code: BG Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130620 Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MK05 Ref document number: 602465 Country of ref document: AT Kind code of ref document: T Effective date: 20130320 |
|
REG | Reference to a national code |
Ref country code: LT Ref legal event code: MG4D |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130621 Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: VDEP Effective date: 20130320 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130720 Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130722 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
26N | No opposition filed |
Effective date: 20140102 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 602007029247 Country of ref document: DE Effective date: 20140102 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20131230 Year of fee payment: 7 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LU Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20131212 Ref country code: MC Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: MM4A |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131212 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131231 Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131231 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: HU Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO Effective date: 20071212 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130320 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: ST Effective date: 20150831 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20141231 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151212 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151212 |
|
PGRI | Patent reinstated in contracting state [announced from national office to epo] |
Ref country code: IT Effective date: 20170710 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20171231 Year of fee payment: 11 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: DE Payment date: 20180102 Year of fee payment: 11 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20171212 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20171212 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IT Payment date: 20180102 Year of fee payment: 11 |
|
PGRI | Patent reinstated in contracting state [announced from national office to epo] |
Ref country code: IT Effective date: 20190408 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R119 Ref document number: 602007029247 Country of ref document: DE |
|
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 20181212 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20190702 Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20181212 |
|
PGRI | Patent reinstated in contracting state [announced from national office to epo] |
Ref country code: IT Effective date: 20190408 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20181212 |